208 lines
5.0 KiB
Bash
208 lines
5.0 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Copyright (c) 2021-2025 community-scripts ORG
|
|
# Author: MickLesk (CanbiZ)
|
|
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
|
|
# Source: https://github.com/RostislavDugin/postgresus
|
|
|
|
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
|
|
color
|
|
verb_ip6
|
|
catch_errors
|
|
setting_up_container
|
|
network_check
|
|
update_os
|
|
|
|
msg_info "Installing Dependencies"
|
|
$STD apt-get install -y \
|
|
nginx
|
|
msg_ok "Installed Dependencies"
|
|
|
|
import_local_ip
|
|
PG_VERSION="17" setup_postgresql
|
|
PG_DB_NAME="postgresus" PG_DB_USER="postgresus" setup_postgresql_db
|
|
GO_VERSION="1.23" setup_golang
|
|
NODE_VERSION="20" setup_nodejs
|
|
|
|
fetch_and_deploy_gh_release "postgresus" "RostislavDugin/postgresus" "tarball" "latest" "/opt/postgresus"
|
|
|
|
msg_info "Building Postgresus (Patience)"
|
|
cd /opt/postgresus
|
|
|
|
# Build frontend
|
|
cd frontend
|
|
$STD npm ci
|
|
$STD npm run build
|
|
cd ..
|
|
|
|
# Build backend
|
|
cd backend
|
|
$STD go mod download
|
|
$STD go build -o ../postgresus ./cmd/main.go
|
|
cd ..
|
|
|
|
# Setup directories and permissions
|
|
mkdir -p /opt/postgresus/{data,backups,logs}
|
|
cp -r frontend/dist /opt/postgresus/ui
|
|
cp -r backend/migrations /opt/postgresus/
|
|
chown -R postgres:postgres /opt/postgresus
|
|
msg_ok "Built Postgresus"
|
|
|
|
msg_info "Configuring Postgresus"
|
|
ADMIN_PASS=$(openssl rand -base64 12)
|
|
JWT_SECRET=$(openssl rand -hex 32)
|
|
|
|
cat <<EOF >/opt/postgresus/.env
|
|
# Environment
|
|
ENV_MODE=production
|
|
|
|
# Server
|
|
SERVER_PORT=4005
|
|
SERVER_HOST=0.0.0.0
|
|
|
|
# Database (Internal PostgreSQL for app data)
|
|
DATABASE_URL=postgres://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}?sslmode=disable
|
|
|
|
# Security
|
|
JWT_SECRET=${JWT_SECRET}
|
|
ENCRYPTION_KEY=$(openssl rand -hex 32)
|
|
|
|
# Admin User
|
|
ADMIN_EMAIL=admin@localhost
|
|
ADMIN_PASSWORD=${ADMIN_PASS}
|
|
|
|
# Paths
|
|
DATA_DIR=/opt/postgresus/data
|
|
BACKUP_DIR=/opt/postgresus/backups
|
|
LOG_DIR=/opt/postgresus/logs
|
|
|
|
# PostgreSQL Tools (for creating backups)
|
|
PG_DUMP_PATH=/usr/bin/pg_dump
|
|
PG_RESTORE_PATH=/usr/bin/pg_restore
|
|
PSQL_PATH=/usr/bin/psql
|
|
EOF
|
|
|
|
chmod 600 /opt/postgresus/.env
|
|
msg_ok "Configured Postgresus"
|
|
|
|
msg_info "Creating Postgresus Service"
|
|
cat <<EOF >/etc/systemd/system/postgresus.service
|
|
[Unit]
|
|
Description=Postgresus - PostgreSQL Backup Management
|
|
After=network.target postgresql.service
|
|
Requires=postgresql.service
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=postgresus
|
|
Group=postgresus
|
|
WorkingDirectory=/opt/postgresus
|
|
EnvironmentFile=/opt/postgresus/.env
|
|
ExecStart=/opt/postgresus/postgresus
|
|
Restart=always
|
|
RestartSec=5
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
|
|
# Security settings
|
|
NoNewPrivileges=true
|
|
PrivateTmp=true
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
ReadWritePaths=/opt/postgresus
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable -q --now postgresus
|
|
sleep 3
|
|
|
|
if systemctl is-active --quiet postgresus; then
|
|
msg_ok "Created Postgresus Service"
|
|
else
|
|
msg_error "Failed to start Postgresus service"
|
|
systemctl status postgresus
|
|
exit 1
|
|
fi
|
|
|
|
msg_info "Configuring Nginx"
|
|
cat <<EOF >/etc/nginx/sites-available/postgresus
|
|
server {
|
|
listen 80;
|
|
server_name _;
|
|
|
|
location / {
|
|
proxy_pass http://127.0.0.1:4005;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade \$http_upgrade;
|
|
proxy_set_header Connection 'upgrade';
|
|
proxy_set_header Host \$host;
|
|
proxy_set_header X-Real-IP \$remote_addr;
|
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
proxy_cache_bypass \$http_upgrade;
|
|
proxy_buffering off;
|
|
proxy_read_timeout 86400s;
|
|
proxy_send_timeout 86400s;
|
|
}
|
|
}
|
|
EOF
|
|
|
|
ln -sf /etc/nginx/sites-available/postgresus /etc/nginx/sites-enabled/postgresus
|
|
rm -f /etc/nginx/sites-enabled/default
|
|
$STD nginx -t
|
|
systemctl enable -q --now nginx
|
|
msg_ok "Configured Nginx"
|
|
|
|
msg_info "Saving Configuration"
|
|
ADMIN_PASS=$(grep ADMIN_PASSWORD /opt/postgresus/.env | cut -d'=' -f2)
|
|
{
|
|
echo "Postgresus Configuration"
|
|
echo ""
|
|
echo "Web Interface: http://${LOCAL_IP}"
|
|
echo ""
|
|
echo "Default Login:"
|
|
echo " Email: admin@localhost"
|
|
echo " Password: ${ADMIN_PASS}"
|
|
echo ""
|
|
echo "Database:"
|
|
echo " Name: ${PG_DB_NAME}"
|
|
echo " User: ${PG_DB_USER}"
|
|
echo " Password: ${PG_DB_PASS}"
|
|
echo ""
|
|
echo "Directories:"
|
|
echo " Config: /opt/postgresus/.env"
|
|
echo " Data: /opt/postgresus/data"
|
|
echo " Backups: /opt/postgresus/backups"
|
|
echo ""
|
|
echo "Change password after first login!"
|
|
} >/root/postgresus.creds
|
|
msg_ok "Configuration saved to /root/postgresus.creds"
|
|
|
|
msg_info "Performing Final Verification"
|
|
sleep 5
|
|
|
|
# Check if Postgresus is responding
|
|
if curl -f -s http://localhost:3000/ >/dev/null; then
|
|
msg_ok "Postgresus is responding on port 3000"
|
|
else
|
|
msg_warn "Postgresus may still be starting up"
|
|
fi
|
|
|
|
# Check database connection
|
|
if sudo -u postgresus psql -d ${PG_DB_NAME} -c "SELECT version();" >/dev/null 2>&1; then
|
|
msg_ok "Database connection verified"
|
|
else
|
|
msg_warn "Database connection check failed - may need manual verification"
|
|
fi
|
|
|
|
# Clean up temporary files
|
|
rm -rf /tmp/postgresus* /var/cache/apt/archives/*.deb
|
|
msg_ok "Final verification complete"
|
|
|
|
motd_ssh
|
|
customize
|
|
cleanup_lxc
|